Delta Electronics DIAView

Summary

Successful exploitation of this vulnerability could enable an attacker to execute arbitrary code.

The following versions of Delta Electronics DIAView are affected:

DIAView (CVE-2026-0975)

CVSS	Vendor	Equipment	Vulnerabilities
v3 7.8	Delta Electronics	Delta Electronics DIAView	Improper Neutralization of Special Elements used in a Command (‘Command Injection’)

Background

Critical Infrastructure Sectors: Chemical, Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems, Water and Wastewater
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Taiwan

Vulnerabilities

Expand All +

CVE-2026-0975

DIAView functions can execute shell commands within a project script. If an attacker tricks the victim into running a project containing a malicious script, then arbitrary code can be executed when the malicious project starts.

View CVE Details

Affected Products

Vendor:
Delta Electronics

Product Version:
Delta Electronics DIAView: 4.2.0

Product Status:
known_affected

Remediations

Vendor fix
Delta Electronics recommends users update to DIAView v4.4 or later.

Mitigation
For more information, see Delta Electronics advisory Delta-PCSA-2026-00002.

Mitigation
Delta Electronics offers users the following general recommendations:[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from All CISA Advisories

Read the original article:

Delta Electronics DIAView

Delta Electronics DIAView

Summary

Background

Vulnerabilities

CVE-2026-0975

Affected Products

Delta Electronics DIAView

Remediations

Read the original article:

Like this:

Related

Summary

Background

Vulnerabilities

CVE-2026-0975

Affected Products

Delta Electronics DIAView

Remediations

Read the original article:

Share this:

Like this:

Related

Post navigation